Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

If that's a major chore for you, may I suggest investing in a test suite, so that you don't have to go through manually and test all your patches?

Yes, that would help with testing, but also multiplies the work: now you have patches and the new test suite to maintain and shepherd through upgrades.:)

Testing patches actually wasn't the main obstacle. The far bigger time sink was when some patched piece of functionality moved over to a different location in the codebase. Then the engineer had to go and become familiar with their changes, find how things got rearranged, and adopt the patch to the new code. That's a lot of unnecessary work just to maintain the status quo.

As for whether we needed to upgrade so frequently - yeah, we actually did. Hopefully the OP doesn't, though.:)

Maintaining custom patches for a foreign codebase is going to be painful, proportionally to the number of patches, and how badly spread out they are through the codebase.

Consider this: every time the Rails team changes things, you'll have to go through your patches and make sure they still apply correctly. And if, heavens forbid, they do some major refactoring, you'll have to spend the time figuring out what functionality got moved where, and re-apply the patches as necessary.

My project was maintaining a custom set of patches for a major open source library for a while, and it was fairly labor-intensive: every time the library provider released a new version, a senior engineer spent a good part of a day going through the codebase and repatching it, testing the new version, etc. The problem was, however, that they released new versions frequently, and we needed them as soon as they were released.

If your patches aren't going to migrate upstream, I'd be very wary of spending a lot of time maintaining them as the core library keeps evolving. Try to measure how much time it would take to update your local patched Rails when they release a new version (especially a major one, if you can), and project future work estimates from that.

For us, we ended up sacrificing functionality for development speed, and we switched to a less capable library that worked right out of the box without endless patching.

"The risk in the Google design, according to Mr. Miller, who is a principal security analyst at Independent Security Evaluators in Baltimore, lies in the danger from within the Web browser partition in the phone. It would be possible, for example, for an intruder to install software that would capture keystrokes entered by the user when surfing to other Web sites. That would make it possible to steal identity information or passwords.""

r (13067) writes "The San Francisco Chronicle recently found that the former COO of the Wikimedia Foundation had a questionable past, including being convicted of theft, drunken driving, and fleeing a car accident. "Before she left in July, Carolyn Bothwell Doran, 45, had moved up from a part-time bookkeeper for the Wikimedia Foundation and spent six months as chief operating officer, responsible for personnel and financial management. In March, she signed the small nonprofit's tax return, which listed more than $1.3 million in donations. At the time, she was on probation for a 2004 hit-and-run accident in Virginia that had landed her seven months in prison. Doran had multiple drunken-driving convictions, and records show earlier run-ins for theft, writing bad checks and wounding her boyfriend with a gunshot to the chest." How could Wikimedia fail to perform a basic background check on the person handling the foundation's financials?"

DECS writes "Last winter, RDM detailed why Microsoft's iPod Killer would fail miserably. This year, the site argues, Microsoft will fail again, but for a new set of reasons. It is not obvious that the company has figured this out itself. 'Microsoft doesn't seem to learn from its mistakes in consumer electronics very well. When it does however, it frequently gets the timing wrong. This year, Microsoft appears set to compete against the Apple of 2006. It now offers two flash models, last year's leftover 30 GB unit, and new 80 GB version. The problem is that Apple moved the goalpost dramatically. Apple's new 3G Nano is ultra thin and small, but delivers the same video resolution as Microsoft's boxy flash Zunes at the same price. It also plays games.'"

An anonymous reader writes "Los Angeles International Airport (LAX) is using randomization software to determine the location and timing of security checkpoints and patrols. The theory is that random security will make it impossible for terrorists to predict the actions of security forces. The ARMOR software, written by computer scientists at the University of Southern California, was initially developed to solve a problem in game theory. Doctoral student Praveen Paruchuri wrote algorithms on how an agent should react to an opponent who has perfect information about the agent's choices."

r (13067) writes "Earthlink backs out of contract negotiations to blanket San Francisco with free Wi-Fi, citing money problems. From the SF Chronicle article: The contract, which was three years in the making, had run into snags with the Board of Supervisors, but ultimately it was undone when Atlanta-based EarthLink announced Tuesday that it no longer believed providing citywide Wi-Fi was economically viable for the company.... EarthLink spokesman Jerry Grasso said that EarthLink was willing to work with San Francisco but had decided that it "was not willing to work in the business model where EarthLink fronts all the money to build, own and operate the network.""Link to Original Source

reporter writes "According to a story by the Associated Press and a front-page story by "The Guardian", British authorities have identified Andrei Lugovoi to be the murderer who used radioactive pollonium-210 to kill Andrei Litvinenko. The British government will ask Moscow to extradite Lugovoi. "The Guardian" states, "The British government is preparing to demand the extradition of a Russian businessman to stand trial for the poisoning with polonium-210 of the former KGB officer Alexander Litvinenko. Senior Whitehall officials have told the Guardian that a Scotland Yard file on the murder which is about to be passed to the Crown Prosecution Service alleges that there is sufficient evidence against Andrei Lugovoi for the CPS to decide whether he should face prosecution.""

An anonymous reader writes "Jane Street Capital is sponsoring the OCaml Summer Project. It looks similar to Google's SOC, except it's much smaller (5-10 students) and it's 100% OCaml. At $6000 for 8 weeks, the pay looks pretty decent for a student. From the OSP website: "The OCaml Summer Project, in a nutshell: Jane Street Capital pays you to work on open source OCaml projects for a summer. Sounds pretty cool, huh?""

Darius Kazemi writes "This past weekend, a bunch of Boston-area game developers got together and did a 36-hour Boston Game Jam, inspired by the Indie Game Jam. We made eight games in 36 hours based on the theme of "shift" for platforms as diverse as PC, GBA, and cell phones. The games range from a surprisingly complex behavioral sim to a game where you have to squish your opponent in a 2D physics deathmatch. Most of the games are available for download right now, and some of them even include the source code. In days to come, we'll be adding developer diaries and other goodies."

Several readers wrote in with a CNET report that raises novel free-speech questions. MySpace asked GoDaddy to pull the plug on Seclists.org, a site run by Fyodor Vaskovich, the father of nmap. The site hosts a quarter million pages of mailing-list archives and the like. MySpace did not obtain a court order or, apparently, compose a DMCA takedown notice: it simply asked GoDaddy to remove a site that happened to archive a list of thousands of MySpace usernames and passwords, and GoDaddy complied. Fyodor says the takedown happened without prior notice. The site was unavailable for about seven hours until he found out what was happening and removed the offending posting. The CNET article concludes: "When asked if GoDaddy would remove the registration for a news site like CNET News.com, if a reader posted illegal information in a discussion forum and editors could not be immediately reached over a holiday, Jones replied: 'I don't know... It's a case-by-case basis.'"